How to Configure OSPF MD5 Authentication

In a previous lesson I demonstrated how to configure plain text authentication for OSPF. This time we’ll look at MD5 authentication. The idea is the same but some of the commands are different. Anyway here is the topology that we will use:

Just two routers in the same area, nothing special. Here is the configuration to enable MD5 authentication:

For MD5 authentication you need different commands. First use ip ospf message-digest-key X md5 to specify the key number and a password. It doesn’t matter which key number you choose but it has to be the same on both ends. To enable OSPF authentication you need to type in ip ospf authentication message-digest.

It is also possible to enable authentication for the entire area, this way you don’t have to use the ip ospf authentication message-digest command on all of your interfaces to activate it. Here’s the command to enable MD5 authentication for the entire area:

Forum Replies

Authentication methods change often throughout the years. Plain text isn’t very secure since (as the name implies) everything is clear text. If you use a sniffer like wireshark then you can see the password in the packet capture. MD5 is a bit more secure since it uses hashing.

On IOS XE, OSPF also supports SHA256 for authentication which is even more secure than MD5.

You can find the output of the running configuration at the bottom of each lesson:

You can either enable MD5 authentication globally in an area, or individually on specific interfaces. So you either enter the command area X authentication message-digest under the OSPF configuration or the ip ospf authentication message-digest command under each interface you want to enable it for.

There are essentially two parts to the configuration of MD5 authentication for OSPF. One is the configuration of the parameters themselves such as key number and password. This is performed on the interface in question with the command ip ospf message-digest-key X md5 password.

The second part to the configuration has to do with the actual activation of the functionality. This can be done in two ways:

One is to activate the authentication functionality on a per interface basis. This involves implementing the ip ospf authentication message-dige

In regards to what Rene was saying if you use GNS3 it has that built in wireshark which is very nice. to check out see pic below where you can see clear text password with wireshark in the OSPF header.

Also you have to understand I am no wireshark expert I am just starting to learn and play around with it more since starting my network studies. So if a novice could find it just think what pros could do and find!

New Lessons

Testimonials

Easily Digestible, Very Informative

The most informative and easily digestible information I have found to date regarding all things Cisco. Huge, well laid out sections on EIGRP, OSPF, BGP are where my head is currently stuck at the moment. MPLS section is next on the list. Rene has a natural gift for taking you from the humble beginnings right up to the CCIE level world and leaves nothing out. I have personally emailed Rene on numerous times and he has always got back to me. Every comment / question I have ever made, has again, been answered informatively. This is my "goto" resource for studies, refresh and all things learning.

Rob GrantNetwork EngineerSeptember 21, 2015

Piece of Art!

I recommend starting your networking career with NetworkLessons.com. It gives basic and advanced knowledge in all networking and security topics. A great tool to gain, upgrade or refresh your knowledge. Next to being outstanding and straightforward, it's utterly affordable and a great, reliable source of information.

Tatyana KostovaNetwork EngineerJune 30, 2016

Great Work!

It's like a spoon feeding type of tutorial. Thanks!

Don DrujaNetwork EngineerNovember 10, 2015

Great Resource to Pass Cisco Certs

NetworkLessons.com proved to be a great resource in passing Cisco certifications. They explain their lessons and courses in understandable terms and which are very easy to digest. Thanks for the simplification of complex topics!

Vanessa SicilianoPremier SupportJanuary 14, 2019

Excellent God Send

I love the way Rene breaks down a technology by showing the lab with the commands also going deep on various topics.

Charles JohnsonNetwork EngineerSeptember 10, 2015

Can’t Miss for a Day

NetworkLessons.com makes labs look easy and understandable. I seriously can't miss a single day without being a member of their website. NetworkLessons.com is a fantastic and very helpful e-learning site. They provide you the best and the most important knowledge that you need to get any networking job done. Thank you!

Jean CasimirSr Network EngineerAugust 14, 2017

Excellent, Fun and Valuable

A buddy of me told me about this website, so I gave it a shot. Since I changed job from System Engineer to Pre Sales, I have been asked to certify for CCNP and going trough the official Cisco certification guides is not only a hassle but sometimes you read on difficult subjects and the way it is explained is sometimes more difficult then it actually is. Regardless of your expertise, Networklessons.com provides the basics in a playful way and more. Difficult topics are brought in a easy readable format and looking at the whole package, including GNS3Vault labs, makes Networklessons a must have when you want to certify or grow in the job. It is fantastic that a person is so dedicated to help others on difficult topics. Keep it going René!

Samuel De GendtPre SalesSeptember 25, 2015

Great Explanation!

NetworkLessons is a great learning resource for basic and advanced network concepts. I really love the way Rene breaks down a technology by showing labs and explaining in a very simple way. I can say I've finally found the resource where even advanced topics are easy to understand and straight to the point. NetworkLessons helps me immensely in understanding all difficult CCIE R&S topics and I'm very glad for that!

Siba P. TahouNetwork & Security EngineerNovember 30, 2015

Pedagogy & Deep Understanding of Networking

I’ve fallen in love with Rene’s materials. I was looking for an online course to start my CCNP R&S. Then I went like: Who's better than this guy playing that easy with networking principles and Cisco devices and who truly knows the art of teaching networking? I’m enjoying so far all valuable content of NetworkLessons.com and above all, Rene’s teachings are helping me to move smoothly on my journey towards my CCNP R&S certification. Rene in an expert in pedagogy and I recommend his courses to everyone who want to go deep with networking principles.

Serges AvodagbeNetwork EngineerMay 8, 2017

Now Everyone can Learn Networking!

I found Networklessons.com to provide me very detailed explanations which can guide me from a novice layman to become a networking professional in a very short time. Before I became a member, I thought I knew something about OSPF, BGP, EIGRP, MPLS etc. but now I relealize I did not. A lot of the 'small pixel' how it really works I didn't know at all, but now with help of Networklessons.com I am so confident and know what all of these topics are about. Networklessons.com is not only a website containing lessons to me, but also a consultant which can help and answer the technical issues of networking. Rene answers all my questions with a prompt response. My thanks to Networklessons.com and Rene!

Davis WongNetwork EngineerFebruary 29, 2016

Best Networking Resource!

NetworkLessons.com is a great resource both in review of network fundamentals and helping me prepare for the Cisco CCIE R/S lab exam. Their lessons are easily understandable with simple examples to use. As a Cisco CCIE, I will continue to use NetworkLessons.com as it's important to stay current on the fundamentals while learning new concepts to broaden my skill-set.

Ronald BannisterSr. Network Engineer February 14, 2018

Answers Are Only a Search Away

The unique method of NetworkLessons.com explaining topics makes it easy to understand. It's really a joy to learn and tead. I like the teaching techniques, they are clear, concise and to the point. I have never subscribed to any training resource before, but the quality that NetworkLessons.com has to offer makes it worth it. Especially when having to troubleshoot more complex network issues we face in production environments, answers are just a search away.